diff options
| author | Yan, Zheng | 2019-05-26 10:27:56 +0200 |
|---|---|---|
| committer | Ilya Dryomov | 2019-07-08 14:01:42 +0200 |
| commit | ac6713ccb5a6d13b59a2e3fda4fb049a2c4e0af2 (patch) | |
| tree | b97e61e509a3771db80edf64c3b211079faf4cc7 /fs/ceph/caps.c | |
| parent | ceph: rename struct ceph_acls_info to ceph_acl_sec_ctx (diff) | |
| download | kernel-qcow2-linux-ac6713ccb5a6d13b59a2e3fda4fb049a2c4e0af2.tar.gz kernel-qcow2-linux-ac6713ccb5a6d13b59a2e3fda4fb049a2c4e0af2.tar.xz kernel-qcow2-linux-ac6713ccb5a6d13b59a2e3fda4fb049a2c4e0af2.zip | |
ceph: add selinux support
When creating new file/directory, use security_dentry_init_security() to
prepare selinux context for the new inode, then send openc/mkdir request
to MDS, together with selinux xattr.
security_dentry_init_security() only supports single security module and
only selinux has dentry_init_security hook. So only selinux is supported
for now. We can add support for other security modules once kernel has a
generic version of dentry_init_security()
Signed-off-by: "Yan, Zheng" <zyan@redhat.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Diffstat (limited to 'fs/ceph/caps.c')
| -rw-r--r-- | fs/ceph/caps.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c index 7754d7679122..50409d9fdc90 100644 --- a/fs/ceph/caps.c +++ b/fs/ceph/caps.c @@ -3156,6 +3156,7 @@ static void handle_cap_grant(struct inode *inode, ci->i_xattrs.blob = ceph_buffer_get(xattr_buf); ci->i_xattrs.version = version; ceph_forget_all_cached_acls(inode); + ceph_security_invalidate_secctx(inode); } } |